Static task
static1
Behavioral task
behavioral1
Sample
d92b399879d86729f3c1c8187fa1f5403a69addecab29333c5330afc0573c878.exe
Resource
win7-20221111-en
Behavioral task
behavioral2
Sample
d92b399879d86729f3c1c8187fa1f5403a69addecab29333c5330afc0573c878.exe
Resource
win10v2004-20220812-en
General
-
Target
d92b399879d86729f3c1c8187fa1f5403a69addecab29333c5330afc0573c878
-
Size
4.6MB
-
MD5
77e76b94106de5af1c7fbde519903666
-
SHA1
da66a805c75e32cbadf347c517a4c7c04fc49746
-
SHA256
d92b399879d86729f3c1c8187fa1f5403a69addecab29333c5330afc0573c878
-
SHA512
647261242e63a9cd619c412b4eaf91fd51c1beb7cea39cf298e6f1b10c49d3c5b84d1ad471e93e34625958e5732e1d62a5f634100ee0f7d0c4c1a5161285726e
-
SSDEEP
98304:D0W8JoV300TyHOOd0g1R/WUyFhju8yg+GVpkoESiP70w:DSoVKHOksju8ynGVp1ri9
Malware Config
Signatures
Files
-
d92b399879d86729f3c1c8187fa1f5403a69addecab29333c5330afc0573c878.exe windows x86
9bc6c06ca447db7af1e9dbb74f04822d
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
InitializeCriticalSection
CreateProcessA
CreateThread
GetModuleHandleA
GetModuleFileNameA
MultiByteToWideChar
WideCharToMultiByte
LoadResource
LockResource
SizeofResource
GlobalAlloc
GlobalSize
GlobalLock
GlobalUnlock
GlobalFree
LocalFree
MulDiv
FormatMessageA
FindResourceW
CopyFileA
SetLastError
GetCurrentProcessId
GetModuleFileNameW
Sleep
GetProcAddress
LoadLibraryW
GlobalGetAtomNameA
FileTimeToSystemTime
SystemTimeToFileTime
CompareStringA
FreeLibrary
GlobalFlags
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GlobalReAlloc
GlobalHandle
LocalAlloc
LocalReAlloc
SetEvent
WaitForSingleObject
CreateEventA
GetCurrentThreadId
SetThreadPriority
ResumeThread
GlobalAddAtomA
CreateFileA
FindClose
FindFirstFileA
FlushFileBuffers
GetFileSize
GetFullPathNameA
LockFile
ReadFile
SetEndOfFile
SetFilePointer
UnlockFile
WriteFile
DuplicateHandle
GetCurrentProcess
lstrcmpiA
LoadLibraryA
GetVolumeInformationA
EncodePointer
GetSystemDirectoryW
FreeResource
LoadLibraryExW
GlobalDeleteAtom
lstrcmpW
FindResourceA
GlobalFindAtomA
GetVersionExA
FileTimeToLocalFileTime
GetFileAttributesA
GetFileAttributesExA
GetFileSizeEx
GetFileTime
SystemTimeToTzSpecificLocalTime
CompareStringW
GetLocaleInfoW
GetUserDefaultUILanguage
VirtualProtect
GetOEMCP
GetCPInfo
GetCurrentDirectoryA
GetACP
FindResourceExW
GetWindowsDirectoryA
VerSetConditionMask
VerifyVersionInfoA
GetTempPathA
GetTempFileNameA
GetTickCount
GetProfileIntA
SearchPathA
GetUserDefaultLCID
ResetEvent
WaitForSingleObjectEx
CreateEventW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeSListHead
OutputDebugStringW
LCMapStringW
GetStringTypeW
ReleaseSRWLockExclusive
TryAcquireSRWLockExclusive
GetCurrentProcessorNumber
GetSystemInfo
GetQueuedCompletionStatus
PostQueuedCompletionStatus
VirtualAlloc
VirtualFree
InitializeSRWLock
AcquireSRWLockExclusive
SwitchToThread
GetNativeSystemInfo
ReleaseSemaphore
CreateSemaphoreA
MapViewOfFileEx
CreateFileMappingA
CreateIoCompletionPort
UnmapViewOfFile
WaitForMultipleObjects
GetStdHandle
GetFileType
DeleteFiber
GetSystemTime
FindFirstFileW
FindNextFileW
ConvertFiberToThread
GetEnvironmentVariableW
GetConsoleMode
SetConsoleMode
ReadConsoleA
ReadConsoleW
RtlUnwind
VirtualQuery
HeapQueryInformation
ExitThread
FreeLibraryAndExitThread
GetModuleHandleExW
GetCommandLineA
GetCommandLineW
QueryPerformanceFrequency
SetStdHandle
SetConsoleCtrlHandler
CreateFileW
GetDriveTypeW
PeekNamedPipe
GetConsoleCP
IsValidLocale
EnumSystemLocalesW
GetTimeZoneInformation
SetFilePointerEx
FindFirstFileExA
FindNextFileA
IsValidCodePage
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableA
GetCurrentDirectoryW
GetFullPathNameW
WriteConsoleW
LeaveCriticalSection
EnterCriticalSection
ExitProcess
GetProcessHeap
DeleteCriticalSection
HeapDestroy
DecodePointer
HeapAlloc
RaiseException
CloseHandle
HeapReAlloc
lstrcpyA
Process32Next
GetLastError
CreateToolhelp32Snapshot
HeapSize
lstrcmpA
InitializeCriticalSectionAndSpinCount
OutputDebugStringA
HeapFree
GetModuleHandleW
Process32First
user32
AdjustWindowRectEx
MapWindowPoints
EqualRect
GetClassLongA
GetTopWindow
LoadIconW
SetScrollInfo
GetScrollInfo
WinHelpA
MonitorFromWindow
GetMonitorInfoA
CheckMenuItem
EnableMenuItem
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
SetMenuItemInfoA
LoadBitmapW
PostQuitMessage
CopyImage
SetRectEmpty
OffsetRect
CreateDialogIndirectParamA
EndDialog
GetNextDlgTabItem
GetAsyncKeyState
MapDialogRect
ShowOwnedPopups
SetCursor
DeleteMenu
KillTimer
TrackMouseEvent
LoadImageW
GetNextDlgGroupItem
SetCapture
ReleaseCapture
WindowFromPoint
DrawFocusRect
IsRectEmpty
LoadImageA
DrawIconEx
GetIconInfo
MessageBeep
EnableScrollBar
HideCaret
InvertRect
LoadCursorW
NotifyWinEvent
GetMenuDefaultItem
MapVirtualKeyA
GetKeyNameTextA
SetLayeredWindowAttributes
EnumDisplayMonitors
SetClassLongA
SetWindowRgn
SetParent
OpenClipboard
CloseClipboard
SetClipboardData
EmptyClipboard
DrawStateA
DrawEdge
DrawFrameControl
IsZoomed
LoadMenuW
GetSystemMenu
BringWindowToTop
SetCursorPos
CopyIcon
FrameRect
DrawIcon
UnionRect
UpdateLayeredWindow
MonitorFromPoint
LoadMenuA
InsertMenuItemA
UnpackDDElParam
ReuseDDElParam
GetComboBoxInfo
PostThreadMessageA
WaitMessage
GetKeyboardLayout
IsCharLowerA
MapVirtualKeyExA
GetKeyboardState
ToAsciiEx
LoadAcceleratorsW
CreateAcceleratorTableA
DestroyAcceleratorTable
CopyAcceleratorTableA
SetRect
LockWindowUpdate
SetMenuDefaultItem
GetDoubleClickTime
ModifyMenuA
RegisterClipboardFormatA
CharUpperBuffA
IsClipboardFormatAvailable
GetUpdateRect
DrawMenuBar
DefFrameProcA
DefMDIChildProcA
TranslateMDISysAccel
SubtractRect
CreateMenu
GetWindowRgn
DestroyCursor
MsgWaitForMultipleObjects
GetProcessWindowStation
GetUserObjectInformationW
MessageBoxW
GetClientRect
RemovePropA
GetPropA
SetPropA
ShowScrollBar
GetScrollRange
SetScrollRange
ScrollWindow
RedrawWindow
GetForegroundWindow
SetActiveWindow
SetMenu
GetMenu
GetCapture
IsIconic
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
IsChild
IsMenu
GetClassInfoExA
GetClassInfoA
RegisterClassA
CallWindowProcA
PostMessageA
GetMessageTime
GetMessagePos
RegisterWindowMessageA
CharUpperA
DestroyIcon
GetScrollPos
CallNextHookEx
SetWindowsHookExA
ValidateRect
GetKeyState
GetActiveWindow
IsWindowVisible
IsDialogMessageA
SetWindowLongA
SetFocus
SendDlgItemMessageA
CheckDlgButton
GetDlgItem
MoveWindow
IsWindow
RealChildWindowFromPoint
GetWindow
GetClassNameA
PtInRect
SetWindowTextA
GetFocus
GetDlgCtrlID
IntersectRect
GetSysColorBrush
UnhookWindowsHookEx
GetWindowTextLengthA
GetWindowTextA
GetLastActivePopup
GetWindowThreadProcessId
GetParent
GetWindowLongA
IsWindowEnabled
EnableWindow
SendMessageA
FillRect
ScreenToClient
ClientToScreen
ReleaseDC
GetWindowDC
TabbedTextOutA
GrayStringA
DrawTextExA
DrawTextA
SystemParametersInfoA
InflateRect
CopyRect
GetSysColor
GetMenuItemInfoA
DestroyMenu
GetSystemMetrics
RemoveMenu
InsertMenuA
GetMenuItemCount
GetMenuItemID
GetSubMenu
GetMenuState
GetMenuStringA
GetCursorPos
SetForegroundWindow
RegisterClassExA
AppendMenuA
LoadIconA
TranslateMessage
CreateWindowExA
DefWindowProcA
MessageBoxA
SetMenuInfo
LoadAcceleratorsA
TranslateAcceleratorA
TrackPopupMenu
CreatePopupMenu
LoadCursorA
DispatchMessageA
GetMessageA
EndPaint
BeginPaint
InvalidateRect
UpdateWindow
GetDesktopWindow
PeekMessageA
LoadBitmapA
SetTimer
ShowWindow
SetWindowPos
GetDC
DestroyWindow
GetWindowRect
SetScrollPos
gdi32
DeleteDC
DeleteObject
Escape
ExcludeClipRect
GetClipBox
GetObjectType
GetPixel
GetViewportExtEx
GetWindowExtEx
IntersectClipRect
LineTo
PtVisible
RectVisible
RestoreDC
SaveDC
SelectClipRgn
CreateSolidBrush
GetStockObject
GetDIBits
CreateCompatibleDC
SelectObject
BitBlt
ExtSelectClipRgn
SelectPalette
SetBkColor
SetBkMode
SetMapMode
CreateRectRgn
GetLayout
SetPolyFillMode
SetROP2
SetTextColor
SetTextAlign
MoveToEx
TextOutA
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CreatePatternBrush
CreatePen
CreateHatchBrush
CreateBitmap
ExtTextOutA
GetObjectA
GetTextExtentPoint32A
CreateFontIndirectA
GetDeviceCaps
CreateDCA
Rectangle
LPtoDP
CreateRoundRectRgn
Polyline
Polygon
CreatePolygonRgn
SetRectRgn
GetTextColor
Ellipse
CreateEllipticRgn
SetDIBColorTable
CreateDIBSection
StretchBlt
SetPixel
GetTextCharsetInfo
EnumFontFamiliesA
CreateDIBitmap
CreateCompatibleBitmap
GetBkColor
RealizePalette
GetSystemPaletteEntries
GetTextFaceA
GetPaletteEntries
GetNearestPaletteIndex
CreatePalette
EnumFontFamiliesExA
GetTextMetricsA
DPtoLP
SetLayout
CopyMetaFileA
CombineRgn
CreateRectRgnIndirect
PatBlt
GetViewportOrgEx
GetWindowOrgEx
SetPixelV
SetPaletteEntries
ExtFloodFill
PtInRegion
GetBoundsRect
FrameRgn
FillRgn
RoundRect
GetRgnBox
OffsetRgn
shell32
Shell_NotifyIconA
SHGetFileInfoA
ShellExecuteA
SHAppBarMessage
SHBrowseForFolderA
DragFinish
DragQueryFileA
SHGetDesktopFolder
SHGetSpecialFolderLocation
SHGetPathFromIDListA
msimg32
AlphaBlend
TransparentBlt
shlwapi
PathFindFileNameA
PathIsUNCA
PathStripToRootA
PathFindExtensionA
PathRemoveFileSpecW
StrFormatKBSizeA
StrChrA
StrPBrkA
uxtheme
GetThemePartSize
GetThemeSysColor
IsThemeBackgroundPartiallyTransparent
IsAppThemed
GetWindowTheme
GetCurrentThemeName
GetThemeColor
DrawThemeBackground
CloseThemeData
OpenThemeData
DrawThemeParentBackground
DrawThemeText
wininet
InternetReadFile
InternetCloseHandle
InternetOpenA
InternetOpenUrlA
HttpQueryInfoA
ws2_32
shutdown
setsockopt
send
getsockopt
getsockname
WSAGetLastError
ntohs
WSASetLastError
closesocket
select
inet_addr
socket
connect
htons
WSAIoctl
WSARecv
WSASend
WSAAddressToStringA
WSAStringToAddressA
getaddrinfo
freeaddrinfo
bind
listen
WSACleanup
WSAGetOverlappedResult
recv
WSAStartup
ioctlsocket
crypt32
CertCloseStore
CertEnumCertificatesInStore
CertFindCertificateInStore
CertDuplicateCertificateContext
CertFreeCertificateContext
CertOpenStore
CertGetCertificateContextProperty
oleacc
CreateStdAccessibleObject
AccessibleObjectFromWindow
LresultFromObject
gdiplus
GdipCreateBitmapFromStream
GdipGetImagePaletteSize
GdipGetImagePalette
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipGetImageGraphicsContext
GdipDisposeImage
GdipCloneImage
GdiplusStartup
GdipFree
GdipCreateBitmapFromScan0
GdipBitmapLockBits
GdipAlloc
GdipBitmapUnlockBits
GdipDeleteGraphics
GdipDrawImageI
GdipCreateBitmapFromHBITMAP
GdipCreateFromHDC
GdipSetInterpolationMode
GdipDrawImageRectI
GdiplusShutdown
imm32
ImmReleaseContext
ImmGetContext
ImmGetOpenStatus
winmm
timeGetDevCaps
timeBeginPeriod
timeEndPeriod
PlaySoundA
timeGetTime
winspool.drv
ClosePrinter
DocumentPropertiesA
OpenPrinterA
advapi32
CryptGenRandom
CryptEnumProvidersW
CryptSignHashW
CryptDestroyHash
CryptCreateHash
CryptDecrypt
RegCloseKey
RegCreateKeyExA
RegDeleteKeyA
RegOpenKeyExA
RegDeleteValueA
RegEnumKeyExA
RegSetValueExA
RegQueryValueExA
DeregisterEventSource
RegisterEventSourceW
ReportEventW
CryptAcquireContextW
CryptReleaseContext
CryptDestroyKey
CryptSetHashParam
CryptGetProvParam
CryptGetUserKey
CryptExportKey
ole32
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
OleLockRunning
RevokeDragDrop
RegisterDragDrop
CoLockObjectExternal
OleGetClipboard
DoDragDrop
CreateStreamOnHGlobal
CoInitializeEx
CoInitialize
CoUninitialize
CoDisconnectObject
CoCreateInstance
ReleaseStgMedium
OleDuplicateData
CoTaskMemFree
CoTaskMemAlloc
oleaut32
VariantChangeType
VariantCopy
VariantClear
SysFreeString
SysAllocStringByteLen
SysAllocStringLen
SysStringLen
SystemTimeToVariantTime
VariantTimeToSystemTime
SysAllocString
VariantInit
LoadTypeLib
VarBstrFromDate
Sections
.text Size: 2.8MB - Virtual size: 2.8MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1.2MB - Virtual size: 1.2MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 45KB - Virtual size: 106KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.gfids Size: 104KB - Virtual size: 104KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.giats Size: 512B - Virtual size: 16B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.tls Size: 512B - Virtual size: 9B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 269KB - Virtual size: 268KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 190KB - Virtual size: 190KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ